Contrib

GitHub

Pre-configured remote application for enabling sign in/up with GitHub.

Usage:

  1. Ensure you have github3.py package installed:

    cdvirtualenv src/invenio-oauthclient
    pip install -e .[github]
    
  2. Edit your configuration and add:

    from invenio_oauthclient.contrib import github
    
    OAUTHCLIENT_REMOTE_APPS = dict(
        github=github.REMOTE_APP,
    )
    
    GITHUB_APP_CREDENTIALS = dict(
        consumer_key='changeme',
        consumer_secret='changeme',
    )
    
  3. Go to GitHub and register a new application: https://github.com/settings/applications/new. When registering the application ensure that the Authorization callback URL points to: CFG_SITE_SECURE_URL/oauth/authorized/github/ (e.g. http://localhost:4000/oauth/authorized/github/ for development).

  4. Grab the Client ID and Client Secret after registering the application and add them to your instance configuration (invenio.cfg):

    GITHUB_APP_CREDENTIALS = dict(
        consumer_key='<CLIENT ID>',
        consumer_secret='<CLIENT SECRET>',
    )
    
  5. Now go to CFG_SITE_SECURE_URL/oauth/login/github/ (e.g. http://localhost:4000/oauth/login/github/)

  6. Also, you should see GitHub listed under Linked accounts: http://localhost:4000//account/settings/linkedaccounts/

By default the GitHub module will try first look if a link already exists between a GitHub account and a user. If no link is found, the module tries to retrieve the user email address from GitHub to match it with a local user. If this fails, the user is asked to provide an email address to sign-up.

In templates you can add a sign in/up link:

<a href='{{url_for('invenio_oauthclient.login', remote_app='github')}}'>
  Sign in with GitHub
</a>

ORCID

Pre-configured remote application for enabling sign in/up with ORCID.

Usage:

  1. Edit your configuration and add:

    from invenio_oauthclient.contrib import orcid
    
    OAUTHCLIENT_REMOTE_APPS = dict(
        orcid=orcid.REMOTE_APP,
    )
    
    ORCID_APP_CREDENTIALS = dict(
        consumer_key="changeme",
        consumer_secret="changeme",
    )
    

Note, if you want to use the ORCID Member API, use orcid.REMOTE_MEMBER_APP instead of orcid.REMOTE_APP.

In case you want use sandbox: To use the ORCID Public API sandbox, use orcid.REMOTE_SANDBOX_APP instead of orcid.REMOTE_APP. To use the ORCID Member API sandbox, use orcid.REMOTE_SANDBOX_MEMBER_APP.

  1. Register a new application with ORCID. When registering the application ensure that the Redirect URI points to: CFG_SITE_URL/oauth/authorized/orcid/ (note, ORCID does not allow localhost to be used, thus testing on development machines is somewhat complicated by this).

  2. Grab the Client ID and Client Secret after registering the application and add them to your instance configuration (invenio.cfg):

    ORCID_APP_CREDENTIALS = dict(
        consumer_key="<CLIENT ID>",
        consumer_secret="<CLIENT SECRET>",
    )
    
  3. Now go to CFG_SITE_URL/oauth/login/orcid/ (e.g. http://localhost:4000/oauth/login/orcid/)

  4. Also, you should see ORCID listed under Linked accounts: http://localhost:4000/account/settings/linkedaccounts/

By default the ORCID module will try first look if a link already exists between a ORCID account and a user. If no link is found, the user is asked to provide an email address to sign-up.

In templates you can add a sign in/up link:

<a href="{{url_for('invenio_oauthclient.login', remote_app='orcid')}}">
  Sign in with ORCID
</a>

CERN

Pre-configured remote application for enabling sign in/up with CERN.

Usage:

  1. Edit your configuration and add:

    import copy
    
    from invenio_oauthclient.contrib import cern
    
    CERN_REMOTE_APP = copy.deepcopy(cern.REMOTE_APP)
    CERN_REMOTE_APP["params"].update(dict(request_token_params={
        "resource": "changeme.cern.ch",  # replace with your server
        "scope": "Name Email Bio Groups",
    }))
    
    OAUTHCLIENT_REMOTE_APPS = dict(
        cern=CERN_REMOTE_APP,
    )
    
    CERN_APP_CREDENTIALS = dict(
        consumer_key="changeme",
        consumer_secret="changeme",
    )
    
Note, if you want to use the CERN sandbox, use cern.REMOTE_SANDBOX_APP instead of cern.REMOTE_APP.
  1. Register a new application with CERN. When registering the application ensure that the Redirect URI points to: http://localhost:5000/oauth/authorized/cern/ (note, CERN does not allow localhost to be used, thus testing on development machines is somewhat complicated by this).

  2. Grab the Client ID and Client Secret after registering the application and add them to your instance configuration (invenio.cfg):

    CERN_APP_CREDENTIALS = dict(
        consumer_key="<CLIENT ID>",
        consumer_secret="<CLIENT SECRET>",
    )
    
  3. Now login using CERN OAuth: http://localhost:5000/oauth/login/cern/.

  4. Also, you should see CERN listed under Linked accounts: http://localhost:5000/account/settings/linkedaccounts/

By default the CERN module will try first look if a link already exists between a CERN account and a user. If no link is found, the user is asked to provide an email address to sign-up.

In templates you can add a sign in/up link:

<a href="{{ url_for("invenio_oauthclient.login", remote_app="cern") }}">
  Sign in with CERN
</a>